What Is OSINT? A Practical Guide to Doing It Right
Discover how to create a structured OSINT framework, from data collection to analysis,for scalable, ethical, and actionable intelligence.| CybelAngel
Discover how to create a structured OSINT framework, from data collection to analysis,for scalable, ethical, and actionable intelligence.| CybelAngel
Many of us are carrying around some serious digital baggage. In this blog series, I'm going to help you trim the fat - a data diet, if you will. And in the process, improve both your privacy and your security. Digital Baggage The world wide web is over 30 years old now. The internet as| Firewalls Don't Stop Dragons
xAI’s Grok LLM has access to real-time X data. Here’s how to leverage it for OSINT analysis.| Joel Latto
The team recently got a false-negative report on the SmartScreen phishing filter complaining that we fail to block firstline-trucking.com. I passed it along to our graders but then took a closer look myself. I figured that maybe the legit site was probably at a very similar domain name, e.g. firstlinetrucking.com or something, but no suchContinue reading "Attack Techniques: Fake Literally Everything! (Escrow Scam)"| text/plain
إجابة مرئية صوتية مُفصّلة لسؤال نسمة (اسم مستعار لحفظ الخصوصية).| يونس بن عمارة
In cybersecurity, information is essential, and nothing can be done without knowing who the target is. Reader: What kind of information are you talking about?Me: The kind you didn’t know was out there.Reader: Really? So how do I find it?Me: With Google.Reader: Just Google? That simple?Me: Not exactly. It’s called Google Dorking. What is Google [...]| Lipson Thomas
When it comes to open source intelligence (OSINT), LinkedIn is a treasure trove of information. With millions of professionals voluntarily sharing details about their careers, connections, personal achievements, or keeping up to date with what is happening in their professional sphere, the famous networking platform is not to be underestimated when it comes to OSINT. In our field, LinkedIn is often used to gather a lot of information about a company during a red teaming assessment or social e...| blog.compass-security.com
6/7 - 6/8という日程で開催された。チーム「25時、ディスコードで。」*1の桃井愛莉*2として参加して1位🎉 昨年はどうしても解けない1問に阻まれて2位だったので、今回は雪辱を果たすことができ大変に嬉しい。 今年も前回大会に引き続きOSINT専門のCTFで、Geo, Recon, Transportation, History, Millitary, Hardware, Companyと様々な角度からOSINT問題が出題されていた。忘れてはならないの...| st98 の日記帳 - コピー
An OSINT investigation unmasking a talented young hacker, who slowly turned into the owner of a large-scale phishing network in Malaysia.| OSINT Fans
5/3 - 5/4という日程で開催された。BunkyoWesternsのSatoki*1として参加して2位。OSINT以外も以前と比べてさらに色々出るようになっていてよかったけれども、問題数が少なくなっていてちょっと悲しい。でも楽しかった。 1点以上を得点しているチームに限っても882チームということで、大変多くのチームが参加していた。Midnight Sun CTFの繰り返す延期やbi0sCTFの延期のために今週...| st98 の日記帳 - コピー
6/8 - 6/9という日程で開催された。日本のCTFプレイヤーが開催する、"real-world oriented" という触れ込みだったOSINTのCTFだ。チーム「25時、ディスコードで。」の「離れ離れの街を繋ぐ列車は行ってしまったね」として参加して2位。Satokiさん、pr0xyさん、rand0mさんといういつものBunkyoWesternsの面々に加えて、チームProject Sekaiよりsahuangさんとenscribeさん*1を迎えての参加だった。 ...| st98 の日記帳 - コピー
Open-source intelligence (OSINT) refers to the sum of information collected from publicly available sources that anyone can access.| CIP Blog
WITNESS hosted a global convening to promote the exchange of skills and knowledge within community-led initiatives working on pathways to justice and to promote greater democratized access to emerging OSINT tools and skills, and a transformation of the existing communities of practice. The post Fortifying the Truth Through Collaboration and Community-led Documentation appeared first on WITNESS Blog.| WITNESS Blog
Linux telemetry involves gathering and sending data from a Linux-based system to an external server or service. The purpose of this process is often to| Hacking Articles
In the final installment of this series, I'll tell you about a Consumer Reports study and give you some amended recommendations on deleting your OSINT data.| Firewalls Don't Stop Dragons
Now that you've discovered what OSINT information is out there, you need to take steps to delete or at least suppress it. Here's how I did it.| Firewalls Don't Stop Dragons
[This is Part 1 in a series – see also Part 2 and Part 3] There are thousands of data brokers who are collecting, collating, correlating and packaging up your personal information, and selling it to pretty much anyone who will pay. Much of this information is available to anyone, if you know where to| Firewalls Don't Stop Dragons
Because I had the privilege of obtaining factory-fresh ROMs from the cameras| astrid.tech
I use twitter to follow a lot of good feeds but often I need to follow twitter threads for new replies to have a fast and complete view of complex threads even if I’m not cited or the tweet owner. I did some search and found a python script from @edu on github that was … Continue reading Follow and be notified of any twitter thread reply – a python twitter scraper→| Scubarda
(Click here to watch and listen to the video version of this blog entry) On 27 January 2023, I published my first OSINT Exercise page, aiming to offer free educational content in the form of well s…| Sofia Santos | OSINT Analysis & Exercises
In an extensive month-long investigation, our team has unearthed a large-scale scam operation, recruiting its victims on Facebook through ads. This eye-opening discovery not only reveals the sheer scale of the problem but also underscores the urgent need for platforms to take responsibility in enforcing their own rules, especially ahead of the implementation of the DSA. The scam, which involves over 1,500 ads and a network of deceitful media sites, targets unsuspecting users with the promise ...| CheckFirst
12/9 - 12/10という日程で開催された。st7962934781497995546*1*2のオグロプレーリードッグ*3として参加して3位。 Flatt Security Speedrun CTF #2に参加した際に、運営陣のひとりであるSatokiさんから、このCTFのWebでもRTAをして1時間以内に同カテゴリの問題をすべて解けという挑戦状を叩きつけられていたので、まずWebから見ていった。これは57分13秒という記録で達成できたし、Webの全3問...| st98 の日記帳 - コピー
A well executed phishing scam targeting online marketplace sellers.| OSINT Fans
Rapid deployment of private VPN services on the Linode cloud.| OSINT Fans
How unclaimed money portals allow investigators to discover the registered addresses of its subjects in Australia.| OSINT Fans
How lucrative is being a phishing a service operator? We review how large and lucrative the Bulletproftlink phishing service is.| OSINT Fans
How could we pinpoint an individual behind ‘Anthrax Linkers’ and its phishing campaigns? We provide further insight into a long-running scam operation in this OSINT analysis.| OSINT Fans
A binary options Bitcoin scam advertised through YouTube ads. How Bitcoin Up scamming Australians is tied to Russia and Ukraine.| OSINT Fans
Why a server in a Russian datacentre is linked to Service NSW, a website providing access to Australian government services.| OSINT Fans
Why websites running outside of the Australian jurisdiction is a risk to citizens and the public sector.| OSINT Fans
How deceptive websites are charging unsuspecting victims fees for non-existent fees and services.| OSINT Fans
Finding the train station from an image| Daniele Pusceddu
SOCMINT is the process of gathering and analyzing the information collected from various social networks, channels and communication groups in order to track down an object, gather as much partial data as possible, and potentially to understand its operation. All this in order to analyze the collected information and to achieve that goal by making ...| research.securitum.com
10/22 - 10/23という日程で開催された。keymoonさん、ptr-yudaiさん、ふるつきさん、そして私から構成される98ptsで参加して全完し1位。前回はソロチームで今回は4人チームという違いはあるけれども、2年連続で優勝できて嬉しい。 *1 全部で35問が出題されたうち、「OSINT」問が26問というCTFだった*2。CTFで出る「OSINT」には色々あるが、今回は写真が1枚与えられるのでその撮影...| st98 の日記帳 - コピー
Google Dorks: what they are and how they are used. Google often estimates more pages than another search engine in the field, with over billions of pages crawled| SerHack – Security Research
